545bf6e1ef2f4c4eeb8c789dbdc37c8d7e211c1712b83e9cdfcfccc160f4c4d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

runtime broker.exe
Size

56KB
Sample

240311-lydhdsfe85
MD5

f6744e6fb182bb6f92d1ad14b88fd56b
SHA1

5b6661b56ca77759c58a7ab9fde99fc655fc8510
SHA256

545bf6e1ef2f4c4eeb8c789dbdc37c8d7e211c1712b83e9cdfcfccc160f4c4d9
SHA512

52b20378ed3b890d6c2e91fdee19c91d498893c9cbd97bfb9f760d20313c79916b5a76884f148f5fe5c488c840718f6b63d5a5e5dc1144c0312097b041d6b0db
SSDEEP

768:NfvdWST3xRbyApqHuDlOHTjXhDnyokke5dfED1ns7csFOTRZqTsc7v:pvdWSVRVDlOzjRzrksAOTRZS1v

Score

7^/10

Malware Config

Targets

- Target
  
  runtime broker.exe
- Size
  
  56KB
- MD5
  
  f6744e6fb182bb6f92d1ad14b88fd56b
- SHA1
  
  5b6661b56ca77759c58a7ab9fde99fc655fc8510
- SHA256
  
  545bf6e1ef2f4c4eeb8c789dbdc37c8d7e211c1712b83e9cdfcfccc160f4c4d9
- SHA512
  
  52b20378ed3b890d6c2e91fdee19c91d498893c9cbd97bfb9f760d20313c79916b5a76884f148f5fe5c488c840718f6b63d5a5e5dc1144c0312097b041d6b0db
- SSDEEP
  
  768:NfvdWST3xRbyApqHuDlOHTjXhDnyokke5dfED1ns7csFOTRZqTsc7v:pvdWSVRVDlOzjRzrksAOTRZS1v
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2